The European study, an extension of an earlier study conducted in the United States, confirms the pressing need for organisations to adopt more secure USB products and policies. A total of 3,204 IT practitioners with an average of 10.75 years of IT or IT security experience in the United Kingdom, France, Germany, Nordics, Netherlands, Switzerland and Poland, were surveyed and all acknowledged the importance of USB drives from a productivity standpoint. Across Europe, 71 percent of respondents confirmed that their companies do not have the technologies to prevent or quickly detect the download of confidential data onto USB drives by unauthorized individuals. The statistic shows most organisations are ignoring the risks of using unencrypted USB drives, resulting in most companies – 62 percent of those questioned having suffered a loss of confidential or sensitive data because of missing USB drives in the last two years.
When comparing individual European countries, perceptions and practices about the importance of USB security is highest in Germany with 62 percent agreeing that their organisation has an adequate USB security policy in place to prevent employee misuse. On the contrary, France and Poland are most at risk as a result of employees practices 85 percent of respondents in France and 83 percent in Poland say that employees use USB drives without obtaining advance permission to do so.
Evidence of widespread compromise is apparent:
- 75 percent of respondents say employees in their companies are using USB drives without obtaining advance permission to do so.
- A staggering 63 percent of respondents confirmed employees lose USB drives without notifying appropriate authorities all the time or very frequently.
- France, UK and Poland have the highest rate of data breach as a result of a missing USB drives.
“At Kingston we believe a lack of oversight, education and corporate confusion are factors that lead to the overwhelming majority of data loss when it comes to USB Flash drives,” said Jim Selby, European Product Marketing Manager at Kingston Technology. “Organisations fear that any attempt to control a device like a USB is likely to be futile and costly, both in terms of budget and loss of productivity. However, a simple analysis of what a company needs and the knowledge that there is a range of easy-to-use, cost-effective, secure USB Flash drive solutions can go a long way toward enabling organisations and their employees to get a handle on the issue.”
“This survey has made it clear that attitudes toward USB security differ across Europe, but the overall findings underline how many organizations still lack rigorous and secure USB data protection policies, thus leaving a huge hole in corporate security strategies,” said Dr. Larry Ponemon, CEO of the Ponemon Institute. “Rarely a month goes by without another confidential data lost on a USB drive story being reported in the press, so we hope the results of our survey acts as a wake-up call for European organisations.”